7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.2%
The SessionService::GetLastSession function in
browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101
allows remote attackers to cause a denial of service (use-after-free) or
possibly have unspecified other impact via vectors that leverage “type
confusion” for callback processing.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.04 | noarch | chromium-browser | < 38.0.2125.111-0ubuntu0.14.04.1.1061 | UNKNOWN |
ubuntu | 14.10 | noarch | chromium-browser | < 38.0.2125.111-0ubuntu0.14.10.1.1103 | UNKNOWN |
ubuntu | 15.04 | noarch | chromium-browser | < 38.0.2125.111-0ubuntu1.1103 | UNKNOWN |
ubuntu | 15.10 | noarch | chromium-browser | < 38.0.2125.111-0ubuntu1.1103 | UNKNOWN |